EHR-IIS Interoperability Enhancement Project. Transport Layer Protocol Recommendation Formal Specification. Version 1.



Similar documents
Bindings for the Service Provisioning Markup Language (SPML) Version 1.0

Software Developer s Guide for the Cisco Secure Access Control System 5.1

Send your request via a SOAP-Request (e.g. with DotNET/SOAP, Java, PHP) to he following URL of our server:

How To Write A Contract Versioning In Wsdl 2.2.2

Iowa Immunization Registry Information System (IRIS) Web Services Data Exchange Setup. Version 1.1 Last Updated: April 14, 2014

OMG ARAP --The MDA Approach to to a Finance Web Service

Service Oriented Architecture using JAVA

Introduction. Tom Dinkelaker, Ericsson Guido Salvaneschi, Mira Mezini, TUD

Distributed Embedded Systems

Web-Service Example. Service Oriented Architecture

XML Based Customizable Screen. Rev 1.1

DocuSign Connect Guide

[MS-MDE]: Mobile Device Enrollment Protocol. Intellectual Property Rights Notice for Open Specifications Documentation

WSDL Example (Interface) WSDL Example (Implementation) Universal Description, Discovery and Integration. UDDI Usage

File Transfer Service (Batch SOAP) User Guide. A Guide to Submitting batches through emedny FTS

IBM SPSS Collaboration and Deployment Services Version 6 Release 0. Single Sign-On Services Developer's Guide

[MS-DVRD]: Device Registration Discovery Protocol. Intellectual Property Rights Notice for Open Specifications Documentation

Replacements TECHNICAL REFERENCE. DTCCSOLUTIONS Dec Copyright 2009 Depository Trust Clearing Corporation. All Rights Reserved.

KMx Enterprise: Integration Overview for Member Account Synchronization and Single Signon

MedBiquitous Web Services Design Guidelines

Prepared by Noam H. Arzt, PhD HLN Consulting, LLC

Web Services. Distributed Object Systems 11. Web Services, SOAP and NET. Web Applications. Web Services. Web services vs Distributed Objects

The BritNed Explicit Auction Management System. Kingdom Web Services Interfaces

NEMSIS v3 Web Services Guide

WSPDS: Web Services Peer-to-peer Discovery Service

FUSE ESB. Getting Started with FUSE ESB. Version 4.1 April 2009

SOAP. SOAP SOAP d Apache/IBM Invocation générique : SOAP. Message XML SOAP. SOAP d Apache/IBM Invocation générique : SOAP

IBM Unica emessage Version 8 Release 5 February 19, Transactional Administration Guide

Centers for Disease Control and Prevention, Public Health Information Network Messaging System (PHINMS)

Copyright 2012, Oracle and/or its affiliates. All rights reserved.

How To Write A Wsdl Standard For Csta (Ecma) And Cst A) (Ecmma)

GS1 Trade Sync Connectivity guide

Clinical Document Exchange Integration Guide - Outbound

Developing Web Services Applications

INTEGRATING WEB SERVICES INTO A WEB-BASED COLLEGE ADMISSION PORTAL SYSTEM

Integration of Hotel Property Management Systems (HPMS) with Global Internet Reservation Systems

Using web service technologies for incremental, real-time data transfers from EDC to SAS

Building Web Services with XML Service Utility Library (XSUL)

Secure Identity Propagation Using WS- Trust, SAML2, and WS-Security 12 Apr 2011 IBM Impact

United Concordia (UCD) Real Time Claim Submission & Adjudication Connectivity Specifications

Guidance on Data Exchange 1

Secure Authentication and Session. State Management for Web Services

Introduction into Web Services (WS)

Model User Guide for Implementing Online Insurance Verification

Web Services Servizio Telematico Doganale

Installing Certificates on Spectralink 8400 Handsets

StreamServe Persuasion SP4 Service Broker

Device Feature Key Synchronization

Using Exchange Network and CDX Services: Key Steps for Exchanging Emissions Inventory Data

PARTNER INTEGRATION GUIDE. Edition 1.0

Creating SOAP and REST Services and Web Clients with Ensemble

XML Processing and Web Services. Chapter 17

VALLIAMMAI ENGINEERING COLLEGE SRM NAGAR, KATTANKULATHUR DEPARTMENT OF COMPUTER APPLICATIONS SUBJECT : MC7502 SERVICE ORIENTED ARCHITECTURE

SOAP WSDL & HTTP MIME REST Web Services Companion Guide HIPAA Operating Rules (HOpR) CORE Phase II

AppVet. Version 1.0. April Stephen Quirolgico Tom Karygiannis Jeff Voas

Authentication and Single Sign On

INTEGRATING THE ESANTÉ DSP INTO GECAMED

MDM Server Web Services Reference Guide (Internal)

PHIN MS Detailed Security Design

Rotorcraft Health Management System (RHMS)

How To Create A C++ Web Service

DEVELOPING CONTRACT - DRIVEN WEB SERVICES USING JDEVELOPER. The purpose of this tutorial is to develop a java web service using a top-down approach.

Configuring Notification for Business Glossary

NYSP Web Service FAQ

Setup Guide Access Manager 3.2 SP3

Transport Layer Security Protocols

Connecting to WebSphere ESB and WebSphere Process Server

Web Services Implementation: The Beta Phase of EPA Network Nodes

Microsoft Active Directory Oracle Enterprise Gateway Integration Guide

Test Package for Electronic Filers of Affordable Care Act (ACA) Information Returns (AIR)

Java Web Services Training

Clinical Decision Support for Immunization (CDSi) Project

Author: Gennaro Frazzingaro Universidad Rey Juan Carlos campus de Mostòles (Madrid) GIA Grupo de Inteligencia Artificial

Magensa Services. Administrative Account Services API Documentation for Informational Purposes Only. September Manual Part Number:

No Trade Secrets. Microsoft does not claim any trade secret rights in this documentation.

Virtual Fax API User Guide

InternetVista Web scenario documentation

TABLE OF CONTENTS INTRODUCTION USE CASES FOR CONVERSION BETWEEN DIRECT AND XDR DATAMOTION XDR IMPLEMENTATION GLOSSARY OF TERMS

"Understanding Devices Profile for Web Services, Web Services Discovery, and SOAPover-UDP"

Cúram Web Services Guide

Business Object Document (BOD) Message Architecture for OAGIS Release 9.+

Using ilove SharePoint Web Services Workflow Action

Testing Web Services Today and Tomorrow

TIBCO Spotfire Automation Services 6.5. User s Manual

Transcription:

EHR-IIS Interoperability Enhancement Project Transport Layer Protocol Recommendation Formal Specification Version 1.1 June 4, 2014 Transport Layer Expert Panel EHR-IIS Interoperability Enhancement Project Immunization Information Systems Support Branch (IISSB) National Center for Immunization and Respiratory Disease (NCIRD) Centers for Disease Control and Prevention (CDC) Transport Layer Protocol Specification 1 6/5/2014

Contents 1 Background... 3 2 Transport... 3 3 Security... 3 4 SOAP Web Service... 3 4.1 Actors... 3 4.2 Workflow... 4 4.3 Operations... 4 4.4 Parameters... 4 4.5 Faults... 5 4.6 Formal Specification... 6 4.6.1 Header... 6 4.6.2 Schema for types... 6 4.6.3 Message definitions... 7 4.6.4 Operation/transaction declarations... 7 4.6.5 SOAP 1.2 Binding... 8 4.6.6 Service definition and footer... 8 5 Document Management... 9 6 Appendix A: SOAP-Based Asynchronous/Batch Exchange... 10 6.1 Overview... 10 6.2 Asynchronous Exchange and SOAP... 10 6.3 Defining a Standard Interface... 10 6.4 Action Plan... 11 7 Appendix B: Implementation Notes... 12 7.1 SOAP, HL7 and End-of-Line Terminators... 12 Transport Layer Protocol Specification 2 6/5/2014

1 Background The Transport Layer Expert Panel has recommended a SOAP-based transport methodology for health system-to-health system HL7 immunization messaging interoperability. This document describes the underlying transport, security, and SOAP operations of the recommended approach. The scope of this document is limited to transport, security, and SOAP operations, parameters, and faults for SOAP-based HL7 transmissions to an IIS. Although the transport layer is message agnostic, the expected use of the methodology is to send HL7 version 2.3.1 or 2.5.1 messages presently used in the Immunization Information System (IIS) setting. The web service specification described in this document is designed to transmit single HL7 messages synchronously, i.e., a single HL7 message is transmitted and a response is generated immediately. Batch messages and asynchronous responses are out of scope for this specification, but are discussed in more detail in the appendix (see Section 6). 2 Transport The recommended transport is SOAP 1.2 over HTTPS (HTTP over TLS 1.1 or 1.2), using the authentication and web service specification described in the following subsections. 3 Security Transport layer encryption is provided by TLS; authentication and authorization of the sender must be performed by the receiver either using username and password credentials passed as part of the SOAP operations (see Section 4.4), or using client certificate authentication via TLS, or both. The authentication authorization methods supported by a receiving IIS are typically published in a local HL7 implementation guide for the IIS. 4 SOAP Web Service 4.1 Actors There are two actors in the sending of HL7 messages via SOAP in the IIS setting: 1. Sender typically an Electronic Health Record system (EHR-S) operated by an immunization provider, or an entity acting on behalf of an immunization provider. The sender operates a SOAP client to send HL7 messages to an IIS. 2. Receiver typically an IIS operated by a state or local health department. The receiver operates a SOAP Web Service to receive HL7 messages from the sender. Transport Layer Protocol Specification 3 6/5/2014

4.2 Workflow The general workflow for sending an HL7 message via SOAP to an IIS follows: 1. Sender tests connectivity to IIS 2. Sender composes and sends HL7 message 3. Receiver accepts HL7 message and sends HL7 response 4. Sender accepts HL7 response and any faults 4.3 Operations The following operations are provided by the IIS SOAP Web Service to support the workflow: Operation connectivitytest submitsinglemessage Purpose To test connectivity; to verify that the SOAP Web Service is accessible. To submit an HL7 version 2.3.1 or 2.5.1 message to an IIS. 4.4 Parameters Each operation has one or more input and output parameters: Operation: connectivitytest Parameter Input/Output Data type Description echoback Input String Data to be sent back by the connectivity test. return Output String Data sent back by the test. Operation: submitsinglemessage Parameter Input/Output Data type Description username Input String IIS username password Input String IIS password facilityid Input String IIS Facility ID hl7message Input String HL7 version 2.3.1 or 2.5.1 message intended for IIS Return Output String HL7 version 2.3.1 or 2.5.1 response from IIS The username, password, and facilityid parameters are not required and may be null if the receiving IIS allows it. These parameters, if used, should be defined by the IIS and provided to the sender prior to initiating HL7 transmissions. The hl7message and return parameters must contain the appropriate HL7 message as Transport Layer Protocol Specification 4 6/5/2014

defined by the Implementation Guide for Immunization Data Transactions using Version 2.3.1 (or 2.5.1) of the Health Level Seven (HL7) Standard Protocol, and any local IIS HL7 implementation guides. 4.5 Faults The SOAP Fault element is used to indicate error messages related to the SOAP operations and to carry detailed information within a SOAP message regarding the error. There are four types of SOAP Faults in the IIS SOAP Web Service: 1. UnsupportedOperationFault_Message generated if the sender attempts to request an operation that is not part of the IIS SOAP Web Service (See Section 4.3). 2. SecurityFault_Message generated if the authentication credentials supplied in the submitsinglemessage operation are not validated. 3. MessageTooLargeFault_Message generated if the hl7message parameter of the submitsinglemessage operation is too large. The maximum length should be specified by the IIS and provided to the sender prior to initiating HL7 transmissions. 4. UnknownFault_Message Any SOAP fault that does not fit into one of the above three SOAP Fault categories will be returned as an unknown fault. Each type of SOAP Fault contains the following parameters: Parameter Input/Output Data type Description Code Output Integer SOAP Fault code number, intended for automated use by client software to identify the fault. Reason Output String SOAP Fault reason, intended to be a human-readable explanation of the error that caused the fault. Detail Output String Detailed explanation of fault. Fault code numbers should be specified by the IIS and provided to the sender prior to initiating HL7 transmissions. Transport Layer Protocol Specification 5 6/5/2014

4.6 Formal Specification The formal specification for the IIS SOAP Web Service is contained in the following Web Services Definition Language (WSDL) document. 4.6.1 Header <?xml version="1.0" encoding="utf-8"?> <definitions xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://www.w3.org/ns/ws-policy" xmlns:wsp1_2="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:wsam="http://www.w3.org/2007/05/addressing/metadata" xmlns:wsaw="http://www.w3.org/2005/08/addressing" xmlns:soap12="http://schemas.xmlsoap.org/wsdl/soap12/" xmlns:tns="urn:cdc:iisb:2011" xmlns:xsd="http://www.w3.org/2001/xmlschema" xmlns="http://schemas.xmlsoap.org/wsdl/" targetnamespace="urn:cdc:iisb:2011" name="iisservicenew"> 4.6.2 Schema for types <!-- schema for types --> <types> <xsd:schema elementformdefault="qualified" targetnamespace="urn:cdc:iisb:2011"> <xsd:complextype name="connectivitytestrequesttype"> <xsd:element name="echoback" type="xsd:string" minoccurs="1" maxoccurs="1" nillable="true"/> <xsd:complextype name="connectivitytestresponsetype"> <xsd:element name="return" type="xsd:string" minoccurs="1" maxoccurs="1" nillable="true"/> <xsd:complextype name="submitsinglemessagerequesttype"> <xsd:element name="username" type="xsd:string" minoccurs="0" maxoccurs="1" nillable="true"/> <xsd:element name="password" type="xsd:string" minoccurs="0" maxoccurs="1" nillable="true"/> <xsd:element name="facilityid" type="xsd:string" minoccurs="0" maxoccurs="1" nillable="true"/> <xsd:element name="hl7message" type="xsd:string" minoccurs="1" maxoccurs="1" nillable="true"/> <xsd:complextype name="submitsinglemessageresponsetype"> <xsd:element name="return" type="xsd:string" minoccurs="1" maxoccurs="1" nillable="true"/> <xsd:complextype name="soapfaulttype"> <xsd:element name="code" type="xsd:integer" minoccurs="1"/> <xsd:element name="reason" type="xsd:string" minoccurs="1"/> <xsd:element name="detail" type="xsd:string" minoccurs="1"/> <xsd:complextype name="unsupportedoperationfaulttype"> <xsd:element name="code" type="xsd:integer" minoccurs="1"/> <xsd:element name="reason" fixed="unsupportedoperation"/> <xsd:element name="detail" type="xsd:string" minoccurs="1"/> <xsd:complextype name="securityfaulttype"> <xsd:element name="code" type="xsd:integer" minoccurs="1"/> <xsd:element name="reason" fixed="security"/> <xsd:element name="detail" type="xsd:string" minoccurs="1"/> Transport Layer Protocol Specification 6 6/5/2014

<xsd:complextype name="messagetoolargefaulttype"> <xsd:element name="code" type="xsd:integer" minoccurs="1"/> <xsd:element name="reason" fixed="messagetoolarge"/> <xsd:element name="detail" type="xsd:string" minoccurs="1"/> <xsd:element name="connectivitytest" type="tns:connectivitytestrequesttype"/> <xsd:element name="connectivitytestresponse" type="tns:connectivitytestresponsetype"/> <xsd:element name="submitsinglemessage" type="tns:submitsinglemessagerequesttype"/> <xsd:element name="submitsinglemessageresponse" type="tns:submitsinglemessageresponsetype"/> <xsd:element name="fault" type="tns:soapfaulttype"/> <xsd:element name="unsupportedoperationfault" type="tns:unsupportedoperationfaulttype"/> <xsd:element name="securityfault" type="tns:securityfaulttype"/> <xsd:element name="messagetoolargefault" type="tns:messagetoolargefaulttype"/> </xsd:schema> </types> 4.6.3 Message definitions <!-- Message definitions --> <message name="connectivitytest_message"> <documentation>connectivity test request</documentation> <part name="parameters" element="tns:connectivitytest" /> <message name="connectivitytestresponse_message"> <documentation>connectivity test response</documentation> <part name="parameters" element="tns:connectivitytestresponse" /> <message name="submitsinglemessage_message"> <documentation>submit single message request.</documentation> <part name="parameters" element="tns:submitsinglemessage" /> <message name="submitsinglemessageresponse_message"> <documentation>submit single message response</documentation> <part name="parameters" element="tns:submitsinglemessageresponse" /> <message name="unknownfault_message"> <part name="fault" element="tns:fault"/> <message name="unsupportedoperationfault_message"> <part name="fault" element="tns:unsupportedoperationfault"/> <message name="securityfault_message"> <part name="fault" element="tns:securityfault"/> <message name="messagetoolargefault_message"> <part name="fault" element="tns:messagetoolargefault"/> 4.6.4 Operation/transaction declarations <!-- Operation/transaction declarations --> <porttype name="iis_porttype"> <operation name="connectivitytest"> <documentation>the connectivity test</documentation> <input message="tns:connectivitytest_message" wsaw:action="urn:cdc:iisb:2011:connectivitytest"/> <output message="tns:connectivitytestresponse_message" wsaw:action="urn:cdc:iisb:2011:connectivitytestresponse"/> <fault name="unknownfault" message="tns:unknownfault_message"/> <!-- a general soap fault --> <fault name="unsupportedoperationfault" message="tns:unsupportedoperationfault_message"/> <!-- The UnsupportedOperation soap fault --> </operation> <operation name="submitsinglemessage"> <documentation>submit single message</documentation> <input message="tns:submitsinglemessage_message" wsaw:action="urn:cdc:iisb:2011:submitsinglemessage"/> <output message="tns:submitsinglemessageresponse_message" wsaw:action="urn:cdc:iisb:2011:submitsinglemessageresponse"/> Transport Layer Protocol Specification 7 6/5/2014

<fault name="unknownfault" message="tns:unknownfault_message"/> <!-- a general soap fault --> <fault name="securityfault" message="tns:securityfault_message"/> <fault name="messagetoolargefault" message="tns:messagetoolargefault_message"/> </operation> </porttype> 4.6.5 SOAP 1.2 Binding <!-- SOAP 1.2 Binding --> <binding name="client_binding_soap12" type="tns:iis_porttype"> <soap12:binding style="document" transport="http://schemas.xmlsoap.org/soap/http" /> <operation name="connectivitytest"> <soap12:operation soapaction="urn:cdc:iisb:2011:connectivitytest" /> <input><soap12:body use="literal" /></input> <output><soap12:body use="literal" /></output> <fault name="unknownfault"><soap12:fault use="literal" name="unknownfault"/></fault> <fault name="unsupportedoperationfault"><soap12:fault use="literal" name="unsupportedoperationfault"/></fault> </operation> <operation name="submitsinglemessage"> <soap12:operation soapaction="urn:cdc:iisb:2011:submitsinglemessage" /> <input><soap12:body use="literal" /></input> <output><soap12:body use="literal" /></output> <fault name="unknownfault"><soap12:fault use="literal" name="unknownfault"/></fault> <fault name="securityfault"><soap12:fault use="literal" name="securityfault"/></fault> <fault name="messagetoolargefault"><soap12:fault use="literal" name="messagetoolargefault"/></fault> </operation> </binding> 4.6.6 Service definition and footer <!-- Service definition --> <service name="client_service"> <port binding="tns:client_binding_soap12" name="client_port_soap12"> <soap12:address location="http://localhost/webapp/iisservice" /> </port> </service> </definitions> Transport Layer Protocol Specification 8 6/5/2014

5 Document Management Date Changed By Comments Version # 8/25/2011 Transport Initial Version 1.0 Layer Expert Panel 6/4/2014 E. Larson Added Appendix B to document the end-of-line terminator disagreement between standards. 1.1 Transport Layer Protocol Specification 9 6/5/2014

6 Appendix A: SOAP-Based Asynchronous/Batch Exchange 6.1 Overview When recommending a transport layer for health information system to IIS interoperability, it was the goal of the transport layer expert panel to address different processing scenarios and payload sizes, including synchronous and asynchronous (and/or batch) exchanges. Through a detailed, consensus-based research process, the panel came to the conclusion that SOAP web services was the best choice to handle all of the current and future needs of IIS. In order to truly promote interoperability, the panel recognized it was important to also define a standard interface for the recommended SOAP transport layer. The immediate need was for synchronous HL7 message exchange, so that interface was defined first. Through investigation and detailed meetings, the unique requirements for asynchronous and/or batch processing were also discovered. The remainder of this appendix will discuss asynchronous and/or batch processing through SOAP, the specific differences between defining a standard for synchronous and asynchronous exchanges, and the panel s action plan. 6.2 Asynchronous Exchange and SOAP From a purely technical standpoint, SOAP has no limitations preventing it from supporting asynchronous processing. Further, through the use of Message Transmission Optimization Mechanism (MTOM), the size of the payload being sent across the wire is not an issue. Today, several IIS, including Nevada, Massachusetts, Arizona, and Kansas, provide the ability to submit large payloads for processing through a SOAP web service. While several IIS have asynchronous and/or batch processing via a SOAP web service, most of them have unique solutions which integrate their IIS batch processing and business processes into their SOAP web service definition. This creates a challenge when trying to define a standard interface usable by all trading partners. However, it was acknowledged from the outset that the recommended transport layer was not intended to replace existing functional interfaces. With this in mind, and the large majority of asynchronous and/or batch exchanges already functional, the need for a SOAP-based standard interface for asynchronous exchange is likely small. It is acknowledged that the need exists, but it is assumed to be small in comparison to the need for a synchronous standard interface. 6.3 Defining a Standard Interface Defining a standard interface to submit a batch payload for asynchronous processing is largely trivial through SOAP. In fact, the expert panel had basic consensus on a submission operation through the use of MTOM. The difficulty in a standard interface Transport Layer Protocol Specification 10 6/5/2014

for asynchronous process exists after the batch payload has been submitted for processing. Once a batch payload is in the hands of an IIS, it can take on multiple status codes defining the condition or state of the payload. These status codes are unique to each IIS. When the sending system wants to check on the submission, each IIS may have a unique response. Without an already defined standard set of status codes, or an agreement across all IIS on what these codes should be, it becomes a futile effort to assume the correct solution. A simple set of status codes might be: working, finished, not found, and error. However, this may not be sufficient for all IIS. Further, it is unknown at this time what each IIS uses to uniquely identify a submission and how that might be consistently messaged through a standard interface. That is, if the sending system cannot receive and process the unique identifier for a submission, it can never ask for an update or the response payload. While this problem isn t as challenging to solve as the status code problem, it is a known condition at this time. 6.4 Action Plan As noted above, the panel acknowledges asynchronous and/or batch processing still has its place in interoperability and is easily accomplished from a technical standpoint using SOAP. However, there is no need to replace processes that are already working well. As a result, the panel is focusing its work on the immediate need to define a national standard interface for synchronous transmissions of HL7 messages. If there is a demonstrated need for a national standard interface for asynchronous processing as well, the panel will engage the interested parties and address the need through a consensusbased approach. Transport Layer Protocol Specification 11 6/5/2014

7 Appendix B: Implementation Notes 7.1 SOAP, HL7, and End-of-Line Terminators A subtle, but important, disagreement between the HL7 V2 standard and an underlying SOAP standard was uncovered during testing with a new provider in Rhode Island in spring 2014. The issue has to do with end-of-line terminators. The HL7 standard dictates that all lines shall end with a carriage return (i.e.: ASCII 13, \r, or #xd). The underlying XML standard used by SOAP dictates that all end-of-line terminators should be normalized to a line feed (i.e.: ASCII 10, \n, or #xa). As such, it is possible that the carriage returns in an HL7 message could be (as proven in Rhode Island) converted to line feeds through SOAP transmission. Depending upon your HL7 parser, this could be problematic. As of March 2014, 26 IIS were either in testing or production with the CDC WSDL so it was important to consider the ramifications of any suggested resolutions. At this time the suggestion is a resolution on the IIS side. This will eliminate the need to roll-out an updated version of the WSDL and most importantly will not require changes by providers. The suggested resolution is one of two approaches. 1. Prior to calling the HL7 parser in your IIS, perform a quick find/replace to ensure carriage returns are present 2. Adjust the HL7 parser to allow more than just carriage returns to mark the end-of-line terminator Transport Layer Protocol Specification 12 6/5/2014